Your SaaS Provider May Not Have Your Security Covered (SC Media)


As the first decade of cloud computing draws to a close, confidence in the way SaaS- and cloud service providers manage data protection and security is very high. Occasionally surveys will highlight concerns, but these are significantly diminished compared to past years.

Most SaaS providers’ security standards are much stronger than the typical SaaS user – a factor driving the widespread adoption of more SaaS-based apps, for more mission-critical functions. This perception is accurate – to a point.  True, many SaaS providers are on the cutting edge when it comes to fortifying their defenses, and handle much of the day-to-day work involved in keeping users’ data and apps secure, including installations, maintenance, upgrades and patches.

But did you ever stop to consider all the threats that lie on the user’s own side – over which no SaaS provider, no matter how reputable or secure, has even the slightest bit of control or jurisdiction?  These threats include: